
A security analyst has been asked to perform a review of an organization’s software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer’s code. Which of the following assessment techniques is BEST described in the analyst’s report?

A programmer must write a piece of code to encrypt passwords and credit card information used by an online shopping cart. The passwords must be stored using one-way encryption, while credit card information must be stored using reversible encryption. Which of the following should be used to accomplish this task? (Select TWO)

A rogue programmer included a piece of code in an application to cause the program to halt at 2:00 PM on Monday afternoon when the application is most utilized. Which of the following types of malware is this?
A. Trojan
B. Virus
C. Logic Bomb
D. Botnets

The software developer is responsible for writing the code and promoting from the development network to the quality network. The network administrator is responsible for promoting code to the application servers. Which of the following practices are they following to ensure application integrity?

A server administrator notes that a fully patched application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run that calls an internal process to exploit the machine. Which of the following attacks does this describe?

Which of the following would be a reason for developers to utilize an AES cipher in CCM mode (Counter with Chain Block Message Authentication Code)?

A. It enables the ability to reverse the encryption with a separate key
B. It allows for one time pad inclusions with the passphrase
C. Counter mode alternates between synchronous and asynchronous encryption
D. It allows a block cipher to function as a stream cipher

One month after a software developer was terminated the helpdesk started receiving calls that several employees’ computers were being infected with malware. Upon further research, it was determined that these employees had downloaded a shopping toolbar. It was this toolbar that downloaded and installed the errant code. Which of the following attacks has taken place?

Explanation:
Authentication generally requires one or more of the following:
Something you know: a password, code, PIN, combination, or secret phrase.
Something you have: a smart card, token device, or key.
Something you are: a fingerprint, a retina scan, or voice recognition; often referred to as biometrics, discussed later in this chapter.
Somewhere you are: a physical or logical location.
Something you do: typing rhythm, a secret handshake, or a private knock.

Incorrect Answers:
A: Authorization occurs after authentication, and ensures that the requested activity or object access is possible given the rights and privileges assigned to the authenticated identity.
Authorization indicates who is trusted to perform specific operations.
B: Auditing is generally used for compliance testing.
D: Identification is the claiming of an identity; it only has to take place once per authentication or access process.

Explanation:
Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.

Incorrect Answers:
A: An Intrusion Detection System (IDS) is used to detect attempts to access a system. It cannot be used to detect cross-site scripting attacks where a malicious user is injecting malicious content into content being downloaded by a user.
B: Flood Guard Protection is used to prevent a network being flooded by data such as DoS, SYN floods, ping floods etc. The flood of data saturates the network and prevents the successful transmission of valid data across the network. Flood Guard Protection is not used to prevent cross-site scripting attacks.
D: A URL Content Filter is used to permit access to allowed URLs (websites) only or to block access to URLs that are not allowed according to company policy. For example, a company might use a URL Content Filter to block access to social networking sites. A URL Content Filter is not used to prevent cross-site scripting attacks.